SB2019041504 - Gentoo update for phpMyAdmin

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019041504

SB2019041504 - Gentoo update for phpMyAdmin

Published: April 15, 2019 Updated: April 18, 2019

Security Bulletin ID SB2019041504
Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 25% Medium 25% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) PHP file inclusion (CVE-ID: CVE-2018-12613)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to insecure handling of file path before including a php files. A remote authenticated attacker can include and execute arbitrary PHP file from a remote location. This vulnerability can be also exploited by a remote non-authenticated attacker if phpMyAdmin is configured with one of the following options:

  • $cfg['AllowArbitraryServer'] = true
  • $cfg['ServerDefault'] = 0

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.



2) Memory leak (CVE-ID: CVE-2018-19968)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to memory leak. A remote attacker with valid credentials can log in to phpMyAdmin, gain access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access to leak the contents of a local file.



3) Cross-site request forgery (CVE-ID: CVE-2018-19969)

The vulnerability allows a remote attacker to perform CSRF attack.

The weakness exists due to insufficient CSRF protections. A remote attacker can create a specially crafted HTML page or URL, trick the victim into visiting it, gain access to the system and perform arbitrary actions.

Successful exploitation of the vulnerability may allow a remote attacker to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users, updating user passwords, killing SQL processes, etc.

4) Cross-site scripting (CVE-ID: CVE-2018-19970)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


Remediation

Install update from vendor's website.

References